package com.hevery.blog.common.security;

import com.hevery.blog.common.annotation.Security;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @description: ${权限拦截器}
 * @author: hongyu.zhang
 * @create: 2018-04-03
 **/
@Component
public class SecurityInterceptor implements HandlerInterceptor{
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if(handler instanceof HandlerMethod){
           HandlerMethod handlerMethod = (HandlerMethod)handler;
           Security security = handlerMethod.getMethodAnnotation(Security.class);
           if(security == null){
              return true;
           }
           //需要校验是否登录
           if("123".equals(request.getParameter("password"))){
                return true;
           }
           throw new CustomSecurityException();
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}
